$ rpki-client -vvf rpki.apnic.net/member_repository/A91FA5A2/3E16416898F611EEBBF1F417C4F9AE02/D61299F2D8C011EFB41E1319C4F9AE02.roa File: D61299F2D8C011EFB41E1319C4F9AE02.roa (raw, json) Hash identifier: 1Mnu5Kcr8+QSDHHvBWqO3NthqVgKtFSxzfASTz7l5b8= Subject key identifier: 75:C0:5F:A4:D6:9B:E4:6B:01:E8:96:7C:FB:8A:97:92:47:65:E0:95 Certificate issuer: /CN=A91FA5A2/serialNumber=5B59FCB65341FD33789BFBAFA9637DF0CE404DAB Certificate serial: 01B0 Authority key identifier: 5B:59:FC:B6:53:41:FD:33:78:9B:FB:AF:A9:63:7D:F0:CE:40:4D:AB Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/W1n8tlNB_TN4m_uvqWN98M5ATas.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FA5A2/3E16416898F611EEBBF1F417C4F9AE02/D61299F2D8C011EFB41E1319C4F9AE02.roa Signing time: Sun 01 Mar 2026 06:40:43 +0000 ROA not before: Sat 17 May 2025 05:04:45 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 140577 IP address blocks: 168.100.128.0/19 maxlen: 19 168.100.128.0/20 maxlen: 20 168.100.128.0/21 maxlen: 21 168.100.136.0/21 maxlen: 24 168.100.144.0/20 maxlen: 20 168.100.148.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FA5A2/3E16416898F611EEBBF1F417C4F9AE02/W1n8tlNB_TN4m_uvqWN98M5ATas.crl rsync://rpki.apnic.net/member_repository/A91FA5A2/3E16416898F611EEBBF1F417C4F9AE02/W1n8tlNB_TN4m_uvqWN98M5ATas.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/W1n8tlNB_TN4m_uvqWN98M5ATas.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 02:21:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 432 (0x1b0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FA5A2, serialNumber=5B59FCB65341FD33789BFBAFA9637DF0CE404DAB Validity Not Before: May 17 05:04:45 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=69a3df6b-7e18 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:f6:59:ce:92:c6:58:f1:4f:30:b9:b9:44:8a: 40:80:44:70:47:7a:b3:c8:59:d5:e7:d8:5e:b8:c2: 8c:d6:43:43:f4:3e:33:c6:ed:fd:8d:14:43:f0:05: 2b:5a:0e:4f:00:f9:ee:0a:55:c0:33:e9:be:3e:ef: 36:33:9d:21:65:98:d3:13:c3:f9:98:b0:63:a0:a5: 0d:79:e4:0c:85:fb:33:27:de:df:6d:40:c7:95:8f: 08:ff:01:f1:d1:db:57:34:66:e8:5d:b2:fd:52:ea: ca:c5:22:cd:b8:20:cc:c2:db:74:ce:13:a6:03:8d: a9:7b:9b:ba:30:2e:59:d5:ee:c5:4b:80:cd:88:e5: 06:5f:3e:b5:88:2a:e8:9d:4a:6c:1e:f7:b6:4f:d1: dc:1b:65:c2:e5:d7:6b:72:e3:6e:5b:89:59:cf:5c: 12:a0:11:6f:2a:04:6e:a6:ca:00:b6:7b:a8:3e:0d: 7d:ab:25:e4:00:1c:20:eb:9a:9d:e4:ce:4e:bc:d2: 1a:3f:a7:14:d0:e2:75:71:8f:24:66:b0:83:bf:a7: b8:c9:a8:ee:72:b5:d4:70:54:03:41:62:36:b0:9b: c1:5e:9b:80:21:6c:8f:b7:17:9d:2c:f2:00:54:a6: 4c:8f:fb:eb:a4:ec:4b:93:dd:ea:bd:e9:18:71:2f: bd:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 75:C0:5F:A4:D6:9B:E4:6B:01:E8:96:7C:FB:8A:97:92:47:65:E0:95 X509v3 Authority Key Identifier: keyid:5B:59:FC:B6:53:41:FD:33:78:9B:FB:AF:A9:63:7D:F0:CE:40:4D:AB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FA5A2/3E16416898F611EEBBF1F417C4F9AE02/W1n8tlNB_TN4m_uvqWN98M5ATas.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/W1n8tlNB_TN4m_uvqWN98M5ATas.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FA5A2/3E16416898F611EEBBF1F417C4F9AE02/D61299F2D8C011EFB41E1319C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 168.100.128.0/19 Signature Algorithm: sha256WithRSAEncryption 6c:56:a1:2b:71:15:8b:2c:65:de:9d:d8:c8:38:a8:c9:d1:8a: 38:68:34:20:fb:76:e0:fb:ab:f3:21:21:49:99:4c:6b:80:50: e1:bd:7a:42:df:02:b1:5e:1b:28:7e:1a:e1:e9:a3:de:c6:c2: 75:5b:ea:70:53:bb:41:41:47:a5:eb:f4:e5:1f:1a:a0:45:36: bf:0a:73:35:44:64:43:d0:42:d5:8d:99:87:08:d5:85:4a:e1: f3:cc:1b:1a:a9:98:f3:11:12:ac:5b:13:4f:43:46:34:a1:d1: 67:51:bb:1a:6d:1e:95:83:a2:7c:c5:2f:0d:4e:e0:9f:61:92: e8:d1:f6:aa:7c:c9:92:79:d3:c6:1a:9a:37:ea:c4:a2:16:f7: 71:25:ec:77:2a:f7:e8:0b:f1:31:4a:84:98:99:9d:f6:19:c7: 23:2a:ea:2a:7f:81:68:17:1e:a5:66:2a:67:79:7f:84:d6:df: 4f:02:d9:21:12:94:b0:ee:e7:fa:bd:f5:20:20:1f:e4:37:ef: ae:5c:5f:e6:88:5b:d9:c8:6b:30:7d:25:55:42:a9:d0:ca:a0: e3:ce:6b:5a:13:f8:32:33:2d:49:21:00:78:80:73:6d:59:fc: d5:f9:d7:13:d3:1d:aa:70:3b:f9:72:09:3f:b5:d1:0c:fd:c8: 3a:9b:ad:53 -----BEGIN CERTIFICATE----- MIIFPDCCBCSgAwIBAgICAbAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkE1QTIxMTAvBgNVBAUTKDVCNTlGQ0I2NTM0MUZEMzM3ODlCRkJBRkE5NjM3REYw Q0U0MDREQUIwHhcNMjUwNTE3MDUwNDQ1WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OWEzZGY2Yi03ZTE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqPZZzpLGWPFPMLm5RIpAgERwR3qzyFnV59heuMKM1kND9D4zxu39jRRD8AUr Wg5PAPnuClXAM+m+Pu82M50hZZjTE8P5mLBjoKUNeeQMhfszJ97fbUDHlY8I/wHx 0dtXNGboXbL9UurKxSLNuCDMwtt0zhOmA42pe5u6MC5Z1e7FS4DNiOUGXz61iCro nUpsHve2T9HcG2XC5ddrcuNuW4lZz1wSoBFvKgRupsoAtnuoPg19qyXkABwg65qd 5M5OvNIaP6cU0OJ1cY8kZrCDv6e4yajucrXUcFQDQWI2sJvBXpuAIWyPtxedLPIA VKZMj/vrpOxLk93qvekYcS+9cQIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFHXAX6TW m+RrAeiWfPuKl5JHZeCVMB8GA1UdIwQYMBaAFFtZ/LZTQf0zeJv7r6ljffDOQE2r MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGQTVBMi8zRTE2NDE2ODk4 RjYxMUVFQkJGMUY0MTdDNEY5QUUwMi9XMW44dGxOQl9UTjRtX3V2cVdOOThNNUFU YXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1cxbjh0bE5CX1RONG1fdXZxV045OE01QVRhcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RkE1QTIvM0UxNjQxNjg5OEY2MTFFRUJCRjFGNDE3QzRGOUFFMDIvRDYxMjk5RjJE OEMwMTFFRkI0MUUxMzE5QzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQFqGSAMA0GCSqGSIb3DQEBCwUAA4IBAQBsVqErcRWLLGXendjIOKjJ 0Yo4aDQg+3bg+6vzISFJmUxrgFDhvXpC3wKxXhsofhrh6aPexsJ1W+pwU7tBQUel 6/TlHxqgRTa/CnM1RGRD0ELVjZmHCNWFSuHzzBsaqZjzERKsWxNPQ0Y0odFnUbsa bR6Vg6J8xS8NTuCfYZLo0faqfMmSedPGGpo36sSiFvdxJex3KvfoC/ExSoSYmZ32 GccjKuoqf4FoFx6lZipneX+E1t9PAtkhEpSw7uf6vfUgIB/kN++uXF/miFvZyGsw fSVVQqnQyqDjzmtaE/gyMy1JIQB4gHNtWfzV+dcT0x2qcDv5cgk/tdEM/cg6m61T -----END CERTIFICATE-----Generated at Mon Mar 2 06:22:41 2026 by rpki-client